Exam SC-300 topic 4 question 29 discussion

Correct

Reasoning...✅ Answer D: Access Review for Application Access Scope: Reviews users (including guests) who have access to a specific enterprise application (like App1). Use Case: Ideal when you want to target access to a particular app. Inactivity-based removal: Yes, you can configure it to remove users who haven’t signed in to that app in the last X days. Best Fit: This is the most precise solution for your scenario. Answer C: Guest Access Review Scope: Reviews all guest users across Microsoft 365 groups and Teams. Use Case: Best for broad governance of guest access across the tenant. Inactivity-based removal: Yes, it can remove guests who haven’t signed in during a specified period. Limitation: It does not target access to a specific app like App1. 🔍 Summary: If your goal is tenant-wide guest cleanup, go with C. If your goal is removing inactive guests from App1, go with D — it's more targeted and minimizes

Answer D) an access review for application access When you start to create an Access Review, you will have to choose "Teams and Groups" or "Applications. Choosing Applications limits the review to one application.

You can only choose specific Application (e.g. App1) with Access review for application access, so answer D will minimize administrative effort.

The best answer is D. an access review for application access. Access reviews for application access allow you to review and approve or deny user access to specific applications. This is the most specific and targeted solution to the problem, as it allows you to focus on the guest users that have not accessed App1 in the past 30 days. Conditional access policies, compliance policies, and guest access reviews are all more general solutions that could be used to address the problem, but they would require more administrative effort to configure and manage.

The correct answer is C) a guest access review. A guest access review allows you to review and remove guest user access that is no longer needed. You can configure the policy to automatically remove access for guest users that have not accessed the application in a specified period of time, such as 30 days.

D. an access review for application access

C. a guest access review You can create a recurring access review of guest users across all Microsoft 365 groups and applications, and specify the inactivity period as 30 days

the answer is C. a guest access review. A guest access review allows you to review and remove guest users who have not accessed a web app during a specified period of time. You can also enable automatic, recurring access reviews for guest users across all Microsoft 365 groups and Teams. Some additional information: - A Conditional Access policy is used to enforce security requirements for accessing resources, such as multi-factor authentication or device compliance4. - A compliance policy is used to define rules and actions to protect data on devices that are enrolled in Intune. - An access review for application access is used to review and revoke user access to applications that are assigned through Azure AD.

D. an access review for application access

They have updated the name of the access review to Guests assigned to an application. Correct Answer is D